FAKULTI PENGURUSAN MAKLUMAT

UNIVERSITI TEKNOLOGI MARA CAWANGAN JOHOR

KAMPUS SEGAMAT
BACHELOR OF INFORMATION MANAGEMENT SCIENCE (HONS) RECORDS
MANAGEMENT
(IM246)
IMS657

INDIVIDUAL ASSIGNMENT:
WEBSITE SECURITY EVALUATION ( BANK ISLAM)

PREPARED BY:
NURHAFIDZZAH BINTI NOR AZMAN
(2022958897)

PREPARED FOR:
Sir Qamarul Nazrin Bin Harun
Sir Ismail Bin Pahmi

DATE: 6 May 2024

ACKNOWLEDGEMENT

First and foremost, I would like to express our gratitude to Sir Qamarul Nazrin Bin
Harun, for giving us good guidelines for this assignment. We are extremely grateful for his
valuable advice, continuous support, and patience when we needed it. I would also like to
express my deepest appreciation to everyone who has helped me write this assignment,
both directly and indirectly. I was immensely grateful to all those involved in this article
review assignment, as without their inspiration and valuable suggestions, it would not have
been possible to develop the assignment within the prescribed time.

Last but not least, I was grateful to myself because I was still allowed to complete this
assignment and learn to explore this website's security and not giving up.

2
Abstract

The most basic things that need to be considered in online banking websites is
security to protect user information and money. Risk managers or professionals in the
banking institution should be aware of current risks that could be faced. Bank Islam Berhad
is the top 1 bank with delay issues at their website and experienced mass losses from their
client based on the article. To detect how far the website was secured, some website
scanner was used with image results to have a clear view of the security website.

INTRODUCTION

Bank Islam was one of the big banks in Malaysia and the command bank used by
Malaysian citizens. Bank Islam was the first Islamic banking available with a variety of
Syariah compliance, the leading Islamic bank in Malaysia was established in 1983 by Bank
Islam Berhad. Now Bank Islam allows to transactions with foreign currency for Dirham,
Australian Dollar, Euro, Pounds Sterling, Yen, Riyals, Singapore Dollar and US Dollar in
foreign currency accounts with terms and conditions. The availability of their service and
physical bank was limited outside Malaysia, Bank Islam relies on their online service to
reach clients outside of Malaysia. This Bank Islam website was the most important to have
securities and sufficient information to access and secure customers’ money.

3
PROBLEM STATEMENT

Currently, most transactions are made through an online platform where everyone
finds it easy to access. But the question in every transaction will remain the same, is the
transaction confidential and secure? A total of RM3.2 billion has been lost to online scams
between 2020 and 2023, says Deputy Minister in the Prime Minister's Department (Law and
Institutional Reforms) M. Kulasegaran.”(TheStar, March 2024). This is the latest loss
that could be tracked from online transactions. This statement might relate generally
to other transactions such as online shopping, phishing, dating scams, invoice fraud,
and investment scams. This is the result of an unverified large amount of money
transaction. Bank Islam has been around for 41 years yet there are always users who have
issues with their system either on the website or application. The most common problem
faced by the user is their slow response and lagging, causing a lot of confusion with their
response. Although Bank Islam has already introduced a kill switch function to users, this kill
switch will only function after users realize their losses or get scammed.

OBJECTIVE

Finding the best solution to handle scammer cases and cause big losses to users is
a part of security control. This issue should be taken action a long time ago since the issues
have damaged the image of Islamic banking and Bank Islam Berhad itself as one of the
largest banks in Malaysia. Spreading the awareness to keep security under control and
updated with current threats to professionals and Bank Islam Berhad to end this issue.

METHODOLOGY

Understanding how website security should work, and testing Bank Islam's website is
quite challenging. There are a few tools to scan and identify this issue such as Hosted Scan
and SUCURI. Hosted scan have their specific scanners such as OpenVAS, OWASP ZAP
and Nmap. These tools might not detect specific issues or errors in the website but they
could roughly give results from testing it.

4
RESULT

1)SUCURI

2)OWASP ZAP

5
3) Nmap

6
DISCUSSION

After running a few analyses and observing the results after using tools to identify
how secure Bank Islam Berhad’s website was, they have a gap in security that might be
overcome within Bank Islam Berhad. It might not be a big gap or security problem based on
the result of using tools, it is just a normal gap like other e-commerce websites. As the first
Islamic banking in Malaysia, they could improve to gain user trust and overcome existing
problems. Banking websites must have thigh security compared to others because they
have more confidential information.

CONCLUSION

In conclusion, security is an important part of online banking websites to protect user

assets. Bank Islam Berhad, needs to be aware of current risks and needs to have IT security
professionals. They should emphasize on safety of users especially on the website because
currently, the main service they could give to a wide range of users is website service.
Nowadays, there are a few companies that specialize in security and offer services building
services in client systems. User safety was started with company awareness.

7
REFFERENCE

Vethasalam, R., Tan, T., & Gimino, G. (2024, March 5). RM3.2bil lost to online scams

from 2020 to 2023, says Kulasegaran. The Star.

https://www.thestar.com.my/news/nation/2024/03/04/rm23bil-lost-to-online-sca

ms-from-2020-to-2023-says-kulasegaran

New safety measures – Bank Islam Malaysia Berhad. (n.d.).

https://www.bankislam.com/personal-banking/services/new-safety-measures/

HostedScan.com. (2024, April 23). HostedScan, the all-in-one cybersecurity

platform.

https://hostedscan.com/?utm_source=geekflare&utm_medium=toplist&utm_c

ampaign=online-scan

sucuri.net. (n.d.). Sucuri Security. Sucuri Security.

https://www.anrdoezrs.net/links/8092889/type/dlg/https://sitecheck.sucuri.net/